Why is my database password encrypted with MySQL OLD_PASSWORD()?

MySQL 4.1 came out in 2004 and introduced a more secure password hashing scheme. This new method is not compatible for applications that use, for example, PHP4. We have kept using MySQL OLD_PASSWORD() since 2004 to keep customers' old applications working properly.

PHP 5.3, available in our Debian 6 environment, uses a new driver, called mysqlnd, to communicate with MySQL. Mysqlnd does not work with passwords encrypted with OLD_PASSWORD(). So, we must begin transitioning to the new, better PASSWORD().

The transition plan varies depending on you situation:

Customers on Debian 6: Do nothing; you are already using the newest password hashing, and it is fully compatible with PHP 5.3

Customers on Debian 5: Submit a new database password. It will be stored more securely and your applications will continue to work. You can submit your current password for re-encryption if it meets our minimum password strength requirements.

...or keep your current database password. You will be unable to add new databases in this state. If you absolutely must change your password or add a database, contact support for a special exception.